ldap-authentication - npm Package Compare versions

Comparing version 1.0.1 to 2.0.0

example/index.js

@@ -15,3 +15,3 @@ const { authenticate } = require('../index')
     userSearchBase: 'dc=example,dc=com',
-    userSearchString: '(uid=gauss)',
+    userSearchFilter: '(uid=gauss)',
     // starttls: false
@@ -32,3 +32,3 @@ }
     userSearchBase: 'dc=example,dc=com',
-    userSearchString: '(uid=einstein)',
+    userSearchFilter: '(uid=einstein)',
     // starttls: false
@@ -35,0 +35,0 @@ }

index.js

@@ -39,6 +39,10 @@ const assert = require('assert')
 // search a user and return the object
-async function _searchUser(ldapClient, searchBase, usernameFilter) {
+async function _searchUser(ldapClient, searchBase, usernameAttribute, username) {
   return new Promise(function (resolve, reject) {
+    var filter = new ldap.filters.EqualityFilter({
+      attribute: usernameAttribute, 
+      value: username
+    })
     ldapClient.search(searchBase, {
-      filter: usernameFilter,
+      filter: filter,
       scope: 'sub'
@@ -76,8 +80,8 @@ }, function (err, res) {
 
-async function authenticateWithAdmin(adminDn, adminPassword, userSearchBase, userSearchString, userPassword, starttls, ldapOpts) {
+async function authenticateWithAdmin(adminDn, adminPassword, userSearchBase, usernameAttribute, username, userPassword, starttls, ldapOpts) {
   var ldapAdminClient = await _ldapBind(adminDn, adminPassword, starttls, ldapOpts)
-  var user = await _searchUser(ldapAdminClient, userSearchBase, userSearchString)
+  var user = await _searchUser(ldapAdminClient, userSearchBase, usernameAttribute, username)
   ldapAdminClient.unbind()
   if (!user || !user.dn) {
-    throw new Error('user not found or userSearchString is wrong')
+    throw new Error('user not found or userSearchFilter is wrong')
   }
@@ -90,7 +94,7 @@ var userDn = user.dn
 
-async function authenticateWithUser(userDn, userSearchBase, userSearchString, userPassword, starttls, ldapOpts) {
+async function authenticateWithUser(userDn, userSearchBase, usernameAttribute, username, userPassword, starttls, ldapOpts) {
   let ldapUserClient = await _ldapBind(userDn, userPassword, starttls, ldapOpts)
-  var user = await _searchUser(ldapUserClient, userSearchBase, userSearchString)
+  var user = await _searchUser(ldapUserClient, userSearchBase, usernameAttribute, username)
   if (!user || !user.dn) {
-    throw new Error('user not found')
+    throw new Error('user logged in, but user details could not be found. Probabaly userSearchFilter is wrong?')
   }
@@ -103,3 +107,4 @@ ldapUserClient.unbind()
   assert(options.userSearchBase, 'userSearchBase must be provided')
-  assert(options.userSearchString, 'userSearchString must be provided')
+  assert(options.usernameAttribute, 'userSearchFilter must be provided')
+  assert(options.username, 'userSearchFilter must be provided')
   assert(options.userPassword, 'userPassword must be provided')
@@ -113,3 +118,4 @@ assert(options.ldapOpts && options.ldapOpts.url, 'ldapOpts.url must be provided')
       options.userSearchBase,
-      options.userSearchString,
+      options.usernameAttribute,
+      options.username,
       options.userPassword,
@@ -124,3 +130,4 @@ options.starttls,
     options.userSearchBase,
-    options.userSearchString,
+    options.usernameAttribute,
+    options.username,
     options.userPassword,
@@ -127,0 +134,0 @@ options.starttls,

package.json

 {
   "name": "ldap-authentication",
-  "version": "1.0.1",
+  "version": "2.0.0",
   "description": "A simple async nodejs library for LDAP user authentication",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -41,3 +41,3 @@ # A Simple node Library that Authenticates a User Against an LDAP/AD Server
 
-async function (auth() {
+async function auth() {
 
@@ -54,3 +54,3 @@ // auth with admin
     userSearchBase: 'dc=example,dc=com',
-    userSearchString: '(uid=gauss)',
+    userSearchFilter: '(uid=gauss)',
     // starttls: false
@@ -71,3 +71,3 @@ }
     userSearchBase: 'dc=example,dc=com',
-    userSearchString: '(uid=einstein)',
+    userSearchFilter: '(uid=einstein)',
     // starttls: false
@@ -91,6 +91,12 @@ }
 * `adminPassword`: The password of the admin.
-* `userDn`: The DN of the user to be authenticated. This is only needed if `adminDn` and `adminPassword` are not provided. Example: `uid=gauss,dc=example,dc=com`
+* `userDn`: The DN of the user to be authenticated. This is only needed if `adminDn` and `adminPassword` are not provided.
+            Example: `uid=gauss,dc=example,dc=com`
 * `userPassword`: The password of the user,
 * `userSearchBase`: The ldap base DN to search the user. Example: `dc=example,dc=com`
-* `userSearchString`: The ldap search string to get user's detail information. Example: `(uid=gauss)`'
+* `usernameAttribute`: The ldap search equality attribute name corresponding to the user's username.
+                       It will be used with the value in `username` to construct an ldap filter as `({attribute}={username})`
+                       to find the user and get user details in LDAP. Example: `uid`
+* `username`: The username to authenticate with. It is used together with the name in `usernameAttribute` 
+              to construct an ldap filter as `({attribute}={username})`
+              to find the user and get user details in LDAP. Example: `some user input`
 * `starttls`: Boolean. Use `STARTTLS` or not

test/test.js

@@ -13,3 +13,4 @@ const { authenticate } = require('../index.js')
         userSearchBase: 'dc=example,dc=com',
-        userSearchString: '(uid=gauss)'
+        usernameAttribute: 'uid',
+        username: 'gauss'
       }
@@ -28,3 +29,4 @@ let user = await authenticate(options)
         userSearchBase: 'dc=example,dc=com',
-        userSearchString: '(uid=gauss)'
+        usernameAttribute: 'uid',
+        username: 'gauss'
       }
@@ -47,3 +49,4 @@ let user = await authenticate(options)
       userSearchBase: 'dc=example,dc=com',
-      userSearchString: '(uid=gauss)'
+      usernameAttribute: 'uid',
+      username: 'gauss'
     }
@@ -64,6 +67,7 @@ let e = null
       adminDn: 'cn=read-only-admin,dc=example,dc=com',
-      adminPassword: 'wrongpassword',
+      adminPassword: '',
       userPassword: 'password',
       userSearchBase: 'dc=example,dc=com',
-      userSearchString: '(uid=gauss)'
+      usernameAttribute: 'uid',
+      username: 'gauss'
     }
@@ -87,3 +91,4 @@ let e = null
       userSearchBase: 'dc=example,dc=com',
-      userSearchString: '(uid=not-exist)'
+      usernameAttribute: 'uid',
+      username: 'wrong'
     }
@@ -107,3 +112,4 @@ let e = null
       userSearchBase: 'dc=example,dc=com',
-      userSearchString: '(uid=gauss)'
+      usernameAttribute: 'uid',
+      username: 'gauss'
     }
@@ -126,3 +132,4 @@ let e = null
       userSearchBase: 'dc=example,dc=com',
-      userSearchString: '(uid=gauss)'
+      usernameAttribute: 'uid',
+      username: 'gauss'
     }
@@ -145,3 +152,4 @@ let e = null
       userSearchBase: 'dc=example,dc=com',
-      userSearchString: '(uid=gauss)'
+      usernameAttribute: 'uid',
+      username: 'gauss'
     }
@@ -148,0 +156,0 @@ let e = null

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

13248

increased by7.92%

Lines of code

312

increased by5.05%

Number of lines in readme file

99

increased by6.45%

No dependency changes